claude-dev-env 1.38.1 → 1.40.0

package/skills/bugteam/scripts/config/bugteam_code_rules_gate_constants.py

@@ -0,0 +1,25 @@
+"""Configuration constants for the bugteam CODE_RULES gate script."""
+
+from __future__ import annotations
+
+BUGTEAM_CODE_RULES_GATE_PREFIX: str = "bugteam_code_rules_gate: "
+EXIT_CODE_ENFORCER_MISSING: int = 2
+HUNK_HEADER_RAW_PATTERN: str = r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,(\d+))? @@"
+MAXIMUM_ISSUES_TO_REPORT: int = 3
+MAXIMUM_COLUMN_TUPLE_ELEMENT_COUNT: int = 2
+VIOLATION_LINE_RAW_PATTERN: str = r"^Line (\d+):"
+
+ALL_CODE_FILE_EXTENSIONS: frozenset[str] = frozenset(
+    {".py", ".js", ".ts", ".tsx", ".jsx"}
+)
+ALL_JS_FILE_EXTENSIONS: tuple[str, ...] = (".js", ".ts", ".tsx", ".jsx")
+ALL_COLUMN_MAGIC_FALSE_VALUES: frozenset[str] = frozenset(
+    {"true", "false", "none", "null"}
+)
+ALL_GIT_DIFF_CACHED_ARGS: tuple[str, ...] = (
+    "git",
+    "diff",
+    "--cached",
+    "--name-only",
+    "-z",
+)

package/skills/bugteam/scripts/config/bugteam_fix_hookspath_constants.py

@@ -0,0 +1,26 @@
+"""Configuration constants for bugteam_fix_hookspath auto-remediation script."""
+
+from __future__ import annotations
+
+HOOKS_PATH_SUFFIX: str = "hooks/git-hooks"
+
+ALL_CANONICAL_HOOKS_DIRECTORY_COMPONENTS: tuple[str, str, str] = (
+    ".claude",
+    "hooks",
+    "git-hooks",
+)
+
+ALL_HOME_ENV_VAR_NAMES: tuple[str, str] = ("HOME", "USERPROFILE")
+
+PREFLIGHT_NO_PYTEST_FLAG: str = "--no-pytest"
+
+PREFLIGHT_REPO_ROOT_FLAG: str = "--repo-root"
+
+ALL_GLOBAL_HOOKS_PATH_ARGUMENTS: tuple[str, ...] = (
+    "git",
+    "config",
+    "--global",
+    "--get",
+    "core.hooksPath",
+)
+GIT_DIRECTORY_NAME: str = ".git"

package/skills/bugteam/scripts/config/bugteam_preflight_constants.py

@@ -0,0 +1,35 @@
+"""Configuration constants for the bugteam preflight check script."""
+
+from __future__ import annotations
+
+BUGTEAM_PREFLIGHT_SKIP_ENV_VAR_NAME: str = "BUGTEAM_PREFLIGHT_SKIP"
+EXPECTED_HOOKS_PATH_SUFFIX: str = "hooks/git-hooks"
+ENFORCEMENT_ABSENT_MESSAGE: str = (
+    "Git-side CODE_RULES enforcement is not active on this host.\n"
+    "Run: npx claude-dev-env .\n"
+    "Or set core.hooksPath at any scope, e.g.:\n"
+    "  git config --global core.hooksPath ~/.claude/hooks/git-hooks"
+)
+PYTEST_EXIT_CODE_NO_TESTS_COLLECTED: int = 5
+EXIT_CODE_HOOKS_PATH_CHECK_FAILED: int = 1
+ALL_DISCOVERY_IGNORE_DIRECTORIES: frozenset[str] = frozenset(
+    {"site-packages", ".venv", "venv", "node_modules"}
+)
+BUGTEAM_PREFLIGHT_PREFIX: str = "bugteam_preflight: "
+
+
+ALL_GIT_CONFIG_HOOKS_PATH_ARGUMENTS: tuple[str, ...] = (
+    "config",
+    "--get",
+    "core.hooksPath",
+)
+ALL_PRE_COMMIT_ARGUMENTS: tuple[str, ...] = (
+    "pre-commit",
+    "run",
+    "--all-files",
+)
+GIT_DIRECTORY_NAME: str = ".git"
+PYTEST_INI_FILENAME: str = "pytest.ini"
+PYPROJECT_FILENAME: str = "pyproject.toml"
+PYPROJECT_PYTEST_SECTION_PREFIX: str = "[tool.pytest"
+PRE_COMMIT_CONFIG_FILENAME: str = ".pre-commit-config.yaml"

package/skills/bugteam/scripts/config/claude_permissions_common_constants.py

@@ -0,0 +1,20 @@
+"""Configuration constants for claude_permissions_common shared helpers."""
+
+from __future__ import annotations
+
+TEXT_FILE_ENCODING: str = "utf-8"
+ALL_PERMISSION_ALLOW_TOOLS: tuple[str, ...] = ("Edit", "Write", "Read")
+AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE: str = (
+    "Trusted local workspace: {project_path}/.claude/** is the user's "
+    "project Claude Code config tree; edits inside are routine"
+)
+ATOMIC_WRITE_TEMPORARY_SUFFIX: str = ".tmp"
+GIT_DIRECTORY_MARKER: str = ".git"
+CLAUDE_DIRECTORY_MARKER: str = ".claude"
+CLAUDE_USER_SETTINGS_FILENAME: str = "settings.json"
+DEFAULT_SETTINGS_FILE_MODE: int = 0o600
+SETTINGS_PERMISSIONS_KEY: str = "permissions"
+SETTINGS_ALLOW_KEY: str = "allow"
+SETTINGS_ADDITIONAL_DIRECTORIES_KEY: str = "additionalDirectories"
+SETTINGS_AUTO_MODE_KEY: str = "autoMode"
+SETTINGS_ENVIRONMENT_KEY: str = "environment"

package/skills/bugteam/scripts/config/probe_code_rules_enforcer_check_constants.py

@@ -0,0 +1,12 @@
+"""Configuration constants for the probe_code_rules_enforcer_check script."""
+
+from pathlib import Path
+
+DEFAULT_REPORTED_PATH: str = "fixture.py"
+EXIT_CODE_USAGE_ERROR: int = 2
+MINIMUM_ARGUMENT_COUNT: int = 3
+MAXIMUM_ARGUMENT_COUNT: int = 4
+ENFORCER_RELATIVE_PATH: Path = (
+    Path(".claude") / "hooks" / "blocking" / "code_rules_enforcer.py"
+)
+ENFORCER_MODULE_NAME: str = "code_rules_enforcer"

package/skills/bugteam/scripts/config/windows_safe_rmtree_constants.py

@@ -0,0 +1,7 @@
+"""Configuration constants for the bugteam windows_safe_rmtree script."""
+
+EXIT_CODE_USAGE_ERROR: int = 2
+EXIT_CODE_REMOVE_TREE_FAILURE: int = 3
+EXPECTED_ARGUMENT_COUNT: int = 2
+ONEXC_PYTHON_MAJOR_VERSION: int = 3
+ONEXC_PYTHON_MINOR_VERSION: int = 12

package/skills/bugteam/scripts/grant_project_claude_permissions.py

@@ -0,0 +1,175 @@
+"""Grant Edit/Write/Read permissions on the current directory's .claude tree.
+
+Run from the project root whose .claude/** you want a Claude Code session
+(including spawned subagents) to edit without prompting. Writes idempotent
+entries into the user-scope settings at ~/.claude/settings.json and prints
+the changes applied. No-op when the entries already exist.
+"""
+
+import sys
+from pathlib import Path
+
+for each_cached_module_name in [
+    each_module_key
+    for each_module_key in list(sys.modules)
+    if each_module_key == "config" or each_module_key.startswith("config.")
+]:
+    sys.modules.pop(each_cached_module_name, None)
+parent_directory = str(Path(__file__).resolve().parent)
+if parent_directory not in sys.path:
+    sys.path.insert(0, parent_directory)
+
+from _claude_permissions_common import (  # noqa: E402
+    append_if_missing,
+    build_permission_rules,
+    ensure_dict_section,
+    ensure_list_entry,
+    exit_with_error,
+    get_current_project_path,
+    load_settings,
+    save_settings,
+)
+from config.claude_permissions_common_constants import (  # noqa: E402
+    ALL_PERMISSION_ALLOW_TOOLS,
+    AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE,
+    CLAUDE_DIRECTORY_MARKER,
+    CLAUDE_USER_SETTINGS_FILENAME,
+    GIT_DIRECTORY_MARKER,
+    SETTINGS_ADDITIONAL_DIRECTORIES_KEY,
+    SETTINGS_ALLOW_KEY,
+    SETTINGS_AUTO_MODE_KEY,
+    SETTINGS_ENVIRONMENT_KEY,
+    SETTINGS_PERMISSIONS_KEY,
+)
+
+
+def is_valid_project_root(candidate_path: Path) -> bool:
+    """Check whether a candidate path has expected project-root markers.
+
+    Args:
+        candidate_path: Path to check for project-root markers.
+
+    Returns:
+        True when the path contains .git or .claude directory.
+    """
+    return (
+        (candidate_path / GIT_DIRECTORY_MARKER).exists()
+        or (candidate_path / CLAUDE_DIRECTORY_MARKER).exists()
+    )
+
+
+def add_rules_to_allow_list(all_settings: dict[str, object], all_rules_to_add: list[str]) -> int:
+    """Add permission rules to the settings allow list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        all_rules_to_add: Permission rule strings to append.
+
+    Returns:
+        Number of rules actually added (new entries).
+    """
+    permissions_section = ensure_dict_section(all_settings, SETTINGS_PERMISSIONS_KEY)
+    existing_allow_list = ensure_list_entry(permissions_section, SETTINGS_ALLOW_KEY)
+    return sum(
+        1
+        for each_rule in all_rules_to_add
+        if append_if_missing(existing_allow_list, each_rule)
+    )
+
+
+def add_directory_to_additional_directories(
+    all_settings: dict[str, object], directory_path: str
+) -> int:
+    """Add a project path to the additionalDirectories allow list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        directory_path: The project directory path to add.
+
+    Returns:
+        1 when the entry was added, 0 when it already existed.
+    """
+    permissions_section = ensure_dict_section(all_settings, SETTINGS_PERMISSIONS_KEY)
+    existing_directories = ensure_list_entry(
+        permissions_section, SETTINGS_ADDITIONAL_DIRECTORIES_KEY
+    )
+    if append_if_missing(existing_directories, directory_path):
+        return 1
+    return 0
+
+
+def add_auto_mode_environment_entry(
+    all_settings: dict[str, object], entry_text: str
+) -> int:
+    """Add an auto-mode environment entry for the project.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        entry_text: The environment entry text to add.
+
+    Returns:
+        1 when the entry was added, 0 when it already existed.
+    """
+    auto_mode_section = ensure_dict_section(all_settings, SETTINGS_AUTO_MODE_KEY)
+    existing_environment = ensure_list_entry(auto_mode_section, SETTINGS_ENVIRONMENT_KEY)
+    if append_if_missing(existing_environment, entry_text):
+        return 1
+    return 0
+
+
+def grant_permissions_for_current_directory() -> None:
+    """Grant Edit/Write/Read permissions for the current project directory.
+
+    Reads the current project path, constructs permission rules from config
+    constants, and writes them to ~/.claude/settings.json atomically.
+
+    Raises:
+        SystemExit(1): When the current directory is not a valid project root.
+        ValueError: Propagated from get_current_project_path() when the path
+                    contains glob metacharacters.
+    """
+    claude_user_settings_path: Path = (
+        Path.home() / CLAUDE_DIRECTORY_MARKER / CLAUDE_USER_SETTINGS_FILENAME
+    )
+    project_root_path = Path.cwd()
+    if not is_valid_project_root(project_root_path):
+        print(
+            f"ERROR: cwd {project_root_path} is not a project root "
+            f"(no {GIT_DIRECTORY_MARKER} or {CLAUDE_DIRECTORY_MARKER}). Run from a project root.",
+            file=sys.stderr,
+        )
+        raise SystemExit(1)
+    project_path = get_current_project_path()
+    permission_rules = build_permission_rules(project_path, ALL_PERMISSION_ALLOW_TOOLS)
+    environment_entry = AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE.format(
+        project_path=project_path
+    )
+    settings = load_settings(claude_user_settings_path)
+    rules_added_count = add_rules_to_allow_list(settings, permission_rules)
+    directories_added_count = add_directory_to_additional_directories(
+        settings, project_path
+    )
+    environment_entries_added_count = add_auto_mode_environment_entry(
+        settings, environment_entry
+    )
+    total_changes_count = (
+        rules_added_count + directories_added_count + environment_entries_added_count
+    )
+    if total_changes_count == 0:
+        print(f"Project path: {project_path}")
+        print(f"Settings file: {claude_user_settings_path}")
+        print("No changes needed; settings file left untouched.")
+        return
+    save_settings(claude_user_settings_path, settings)
+    print(f"Project path: {project_path}")
+    print(f"Settings file: {claude_user_settings_path}")
+    print(f"Allow rules added: {rules_added_count} of {len(permission_rules)}")
+    print(f"Additional directories added: {directories_added_count}")
+    print(f"Auto-mode environment entries added: {environment_entries_added_count}")
+
+
+if __name__ == "__main__":
+    try:
+        grant_permissions_for_current_directory()
+    except ValueError as path_error:
+        exit_with_error(str(path_error))

package/skills/bugteam/scripts/probe_code_rules_enforcer_check.py

@@ -0,0 +1,107 @@
+"""Probe one detector inside code_rules_enforcer.py against a fixture file.
+
+Loads ~/.claude/hooks/blocking/code_rules_enforcer.py dynamically and invokes
+the requested check function (e.g. check_collection_prefix, check_library_print)
+against the contents of a target fixture file. Prints the returned issue list.
+
+Used as a verification shape during the historical Copilot gap-analysis
+investigation (see reference/copilot-gap-analysis.md). This script replaces the
+inline python -c probe that the doc used to embed.
+
+Usage:
+    python probe_code_rules_enforcer_check.py <check_function> <fixture_path> [reported_path]
+"""
+
+from __future__ import annotations
+
+import importlib.util
+import sys
+from pathlib import Path
+from types import ModuleType
+
+from config.probe_code_rules_enforcer_check_constants import (
+    DEFAULT_REPORTED_PATH,
+    ENFORCER_MODULE_NAME,
+    ENFORCER_RELATIVE_PATH,
+    EXIT_CODE_USAGE_ERROR,
+    MAXIMUM_ARGUMENT_COUNT,
+    MINIMUM_ARGUMENT_COUNT,
+)
+
+
+def _load_enforcer_module() -> ModuleType:
+    enforcer_path = Path.home() / ENFORCER_RELATIVE_PATH
+    spec = importlib.util.spec_from_file_location(
+        ENFORCER_MODULE_NAME, str(enforcer_path)
+    )
+    if spec is None or spec.loader is None:
+        raise RuntimeError(f"could not load enforcer at {enforcer_path}")
+    module = importlib.util.module_from_spec(spec)
+    spec.loader.exec_module(module)
+    return module
+
+
+def run_probe(
+    check_function_name: str, fixture_path: str, reported_path: str
+) -> list[str]:
+    """Load an enforcer check function and run it against a fixture file.
+
+    Args:
+        check_function_name: Name of the check function in code_rules_enforcer.
+        fixture_path: Absolute path to the fixture file to check.
+        reported_path: Path string to pass as the file_path parameter.
+
+    Returns:
+        List of issue strings returned by the check function.
+
+    Raises:
+        AttributeError: When the named check function is not found in the enforcer.
+        RuntimeError: When the enforcer module cannot be loaded.
+    """
+    enforcer_module = _load_enforcer_module()
+    check_function = getattr(enforcer_module, check_function_name, None)
+    if check_function is None:
+        raise AttributeError(f"{check_function_name} not found in code_rules_enforcer")
+    fixture_content = Path(fixture_path).read_text(encoding="utf-8")
+    return check_function(fixture_content, reported_path)
+
+
+def _print_usage_to_stderr() -> None:
+    sys.stderr.write(
+        "usage: python probe_code_rules_enforcer_check.py "
+        "<check_function> <fixture_path> [reported_path]\n"
+    )
+
+
+def main(all_arguments: list[str]) -> int:
+    """Invoke the probe with command-line arguments and print results.
+
+    Args:
+        all_arguments: Command-line arguments including script name,
+                       check function name, fixture path, and optional reported path.
+
+    Returns:
+        Exit code 0 on success, EXIT_CODE_USAGE_ERROR on invalid arguments.
+    """
+    argument_count = len(all_arguments)
+    if (
+        argument_count < MINIMUM_ARGUMENT_COUNT
+        or argument_count > MAXIMUM_ARGUMENT_COUNT
+    ):
+        _print_usage_to_stderr()
+        return EXIT_CODE_USAGE_ERROR
+    check_function_name = all_arguments[1]
+    fixture_path = all_arguments[2]
+    reported_path = (
+        all_arguments[3]
+        if argument_count == MAXIMUM_ARGUMENT_COUNT
+        else DEFAULT_REPORTED_PATH
+    )
+    issues = run_probe(check_function_name, fixture_path, reported_path)
+    for each_issue in issues:
+        print(each_issue)
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv))

package/skills/bugteam/scripts/revoke_project_claude_permissions.py

@@ -0,0 +1,220 @@
+"""Revoke the permissions previously granted by grant_project_claude_permissions.
+
+Run from the same project root you previously granted. Removes the matching
+allow rules, the additionalDirectories entry, and the autoMode environment
+entry from ~/.claude/settings.json. Safe to run when no prior grant exists.
+After removals, prunes any newly empty lists and their parent permissions or
+autoMode sections so repeated grant/revoke cycles leave no dead structure.
+"""
+
+import sys
+from pathlib import Path
+
+for each_cached_module_name in [
+    each_module_key
+    for each_module_key in list(sys.modules)
+    if each_module_key == "config" or each_module_key.startswith("config.")
+]:
+    sys.modules.pop(each_cached_module_name, None)
+parent_directory = str(Path(__file__).resolve().parent)
+if parent_directory not in sys.path:
+    sys.path.insert(0, parent_directory)
+
+from _claude_permissions_common import (  # noqa: E402
+    build_permission_rules,
+    exit_with_error,
+    get_current_project_path,
+    load_settings,
+    prune_empty_list_then_empty_section,
+    save_settings,
+)
+from config.claude_permissions_common_constants import (  # noqa: E402
+    ALL_PERMISSION_ALLOW_TOOLS,
+    AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE,
+    CLAUDE_DIRECTORY_MARKER,
+    CLAUDE_USER_SETTINGS_FILENAME,
+    GIT_DIRECTORY_MARKER,
+    SETTINGS_ADDITIONAL_DIRECTORIES_KEY,
+    SETTINGS_ALLOW_KEY,
+    SETTINGS_AUTO_MODE_KEY,
+    SETTINGS_ENVIRONMENT_KEY,
+    SETTINGS_PERMISSIONS_KEY,
+)
+
+
+def is_valid_project_root(candidate_path: Path) -> bool:
+    """Check whether a candidate path has expected project-root markers.
+
+    Args:
+        candidate_path: Path to check for project-root markers.
+
+    Returns:
+        True when the path contains .git or .claude directory.
+    """
+    return (
+        (candidate_path / GIT_DIRECTORY_MARKER).exists()
+        or (candidate_path / CLAUDE_DIRECTORY_MARKER).exists()
+    )
+
+
+def remove_values_from_list(all_target_list: list[object], all_values_to_remove: set[str]) -> int:
+    """Remove matching values from a list in place.
+
+    Args:
+        all_target_list: The list to remove values from.
+        all_values_to_remove: Set of string values to remove.
+
+    Returns:
+        Number of values removed.
+    """
+    original_length = len(all_target_list)
+    all_target_list[:] = [
+        each_value
+        for each_value in all_target_list
+        if not (isinstance(each_value, str) and each_value in all_values_to_remove)
+    ]
+    return original_length - len(all_target_list)
+
+
+def remove_rules_from_allow_list(
+    all_settings: dict[str, object], all_rules_to_remove: list[str]
+) -> int:
+    """Remove matching permission rules from the settings allow list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        all_rules_to_remove: Permission rule strings to remove.
+
+    Returns:
+        Number of rules removed.
+    """
+    permissions_section = all_settings.get(SETTINGS_PERMISSIONS_KEY)
+    if not isinstance(permissions_section, dict):
+        return 0
+    existing_allow_list = permissions_section.get(SETTINGS_ALLOW_KEY)
+    if not isinstance(existing_allow_list, list):
+        return 0
+    return remove_values_from_list(existing_allow_list, set(all_rules_to_remove))
+
+
+def remove_directory_from_additional_directories(
+    all_settings: dict[str, object], directory_path: str
+) -> int:
+    """Remove a project path from the additionalDirectories list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        directory_path: The project directory path to remove.
+
+    Returns:
+        1 when the entry was removed, 0 when not found.
+    """
+    permissions_section = all_settings.get(SETTINGS_PERMISSIONS_KEY)
+    if not isinstance(permissions_section, dict):
+        return 0
+    existing_directories = permissions_section.get(SETTINGS_ADDITIONAL_DIRECTORIES_KEY)
+    if not isinstance(existing_directories, list):
+        return 0
+    return remove_values_from_list(existing_directories, {directory_path})
+
+
+def remove_auto_mode_environment_entry(
+    all_settings: dict[str, object], entry_text: str
+) -> int:
+    """Remove an auto-mode environment entry for the project.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        entry_text: The environment entry text to remove.
+
+    Returns:
+        1 when the entry was removed, 0 when not found.
+    """
+    auto_mode_section = all_settings.get(SETTINGS_AUTO_MODE_KEY)
+    if not isinstance(auto_mode_section, dict):
+        return 0
+    existing_environment = auto_mode_section.get(SETTINGS_ENVIRONMENT_KEY)
+    if not isinstance(existing_environment, list):
+        return 0
+    return remove_values_from_list(existing_environment, {entry_text})
+
+
+def prune_settings_after_revoke(all_settings: dict[str, object]) -> None:
+    """Remove empty lists and their parent sections after revoking entries.
+
+    Args:
+        all_settings: The parsed settings dictionary to prune in place.
+    """
+    prune_empty_list_then_empty_section(
+        all_settings, SETTINGS_PERMISSIONS_KEY, SETTINGS_ALLOW_KEY
+    )
+    prune_empty_list_then_empty_section(
+        all_settings, SETTINGS_PERMISSIONS_KEY, SETTINGS_ADDITIONAL_DIRECTORIES_KEY
+    )
+    prune_empty_list_then_empty_section(
+        all_settings, SETTINGS_AUTO_MODE_KEY, SETTINGS_ENVIRONMENT_KEY
+    )
+
+
+def revoke_permissions_for_current_directory() -> None:
+    """Revoke Edit/Write/Read permissions for the current project directory.
+
+    Reads the current project path, constructs permission rules from config
+    constants, removes them from ~/.claude/settings.json, and prunes any
+    newly empty sections.
+
+    Raises:
+        SystemExit(1): When the current directory is not a valid project root.
+        ValueError: Propagated from get_current_project_path() when the path
+                    contains glob metacharacters.
+    """
+    claude_user_settings_path: Path = (
+        Path.home() / CLAUDE_DIRECTORY_MARKER / CLAUDE_USER_SETTINGS_FILENAME
+    )
+    project_root_path = Path.cwd()
+    if not is_valid_project_root(project_root_path):
+        print(
+            f"ERROR: cwd {project_root_path} is not a project root "
+            f"(no {GIT_DIRECTORY_MARKER} or {CLAUDE_DIRECTORY_MARKER}). Run from a project root.",
+            file=sys.stderr,
+        )
+        raise SystemExit(1)
+    project_path = get_current_project_path()
+    permission_rules = build_permission_rules(project_path, ALL_PERMISSION_ALLOW_TOOLS)
+    environment_entry = AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE.format(
+        project_path=project_path
+    )
+    settings = load_settings(claude_user_settings_path)
+    rules_removed_count = remove_rules_from_allow_list(settings, permission_rules)
+    directories_removed_count = remove_directory_from_additional_directories(
+        settings, project_path
+    )
+    environment_entries_removed_count = remove_auto_mode_environment_entry(
+        settings, environment_entry
+    )
+    total_changes_count = (
+        rules_removed_count
+        + directories_removed_count
+        + environment_entries_removed_count
+    )
+    if total_changes_count == 0:
+        print(f"Project path: {project_path}")
+        print(f"Settings file: {claude_user_settings_path}")
+        print("No changes to revoke; settings file left untouched.")
+        return
+    prune_settings_after_revoke(settings)
+    save_settings(claude_user_settings_path, settings)
+    print(f"Project path: {project_path}")
+    print(f"Settings file: {claude_user_settings_path}")
+    print(f"Allow rules removed: {rules_removed_count} of {len(permission_rules)}")
+    print(f"Additional directories removed: {directories_removed_count}")
+    print(
+        f"Auto-mode environment entries removed: {environment_entries_removed_count}"
+    )
+
+
+if __name__ == "__main__":
+    try:
+        revoke_permissions_for_current_directory()
+    except ValueError as path_error:
+        exit_with_error(str(path_error))